Also fix LUKS1 keyslot function to proper return -ENOENT errno in this case.
This change means, that user can distinguish between bad passphrase and
no keyslot available. (But this information was avalilable with luksDump
even before the change.)
For now, the hash was set to sha256 (except for converted LUKS1 header).
This patch adds the same logic as in LUKS1 - hash aglorithms is
loaded from PBKDF setting.
Fixes#396.
This patch makes available LUKS2 per-keyslot encryption settings to user.
In LUKS2, keyslot can use different encryption that data.
We can use new crypt_keyslot_get_encryption and crypt_keyslot_set_encryption
API calls to set/get this encryption.
For cryptsetup new --keyslot-cipher and --keyslot-key-size options are added.
The default keyslot encryption algorithm (if cannot be derived from data encryption)
is now available as configure options (default is aes-xts-plain64 with 512-bits key).
NOTE: default was increased from 256-bits.
Also print these area sizes in dump command.
NOTE: since now, the metadata area size in dump command contains
mandatory 4k binary section (to be aligned with API definition).
The crypt_set_data_offset sets the data offset for LUKS and LUKS2 devices
to specified value in 512-byte sectors.
This value should replace alignment calculation in LUKS param structures.
For some reason the volume key file have to exists.
Let's change the logic to the same as for luksBackupHeader
(a file is created and operation fails if it already exists).
Bzip2 is sometimesmissing and we use xz already.
Seems xz produces slightly larger archives (despite the best mode)
but it is not worth to keep bz2 here.
A keyslot not bound to any segment can store any key for any purpose.
To easily check slot status, new enum value is introduced.
This status is valid only for LUKS2, so the functions are backward compatible
with LUKS1.
The kernel 4.17 will include a new dm-verity flag that
instructs kernel to verify data blocks only once.
This patch adds support for it to libcryptsetup and veritysetup.
This flag can be dangerous; if you can control underlying device
(you can change its content after it was verified) it will no longer
prevent reading tampered data and also it does not prevent to silent
data corrruptions that appears after the block was once read.
It there is an input on stdin (pipe), we cannot retry for password,
a retry applies only for the real terminal.
Also the retry lost EPERM (wrong passphrase) return code in this case,
replacing it with tty read error.
Fixes#321.
Add yet another flawed dm-crypt test (keyring)
and test crypt_get_volume_key_size works
as expected after LUKS2 crypt_format (before
adding first keyslot).
